Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B082D8A41292B93E037743D7E2E60B3EE3DB8352CD3366498BEEC74A17C9D45C912519 |
|
CONTENT
ssdeep
|
384:9L7LULF/OTyG4z9/FgwORA5iY16new+hkqE51g:9nYZ/ix4z9/ulo16nEg1g |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c6bc3337348c1733 |
|
VISUAL
aHash
|
26fcfefa0020202c |
|
VISUAL
dHash
|
c4e8f0a48cc2d0c8 |
|
VISUAL
wHash
|
26feffff0020203c |
|
VISUAL
colorHash
|
38c00000000 |
|
VISUAL
cropResistant
|
c4e8f0a48cc2d0c8 |
Fake Galabet site positioned to capture victims through SEO tactics, typosquatting, or paid advertising. Serves as entry point for multi-stage attacks including credential theft and malware distribution.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.